[jira] [Commented] (STORM-1853) Deserialization issues in Utils.javaDeserialize()

ASF GitHub Bot (JIRA) Sun, 22 May 2016 21:09:07 -0700

    [ 
https://issues.apache.org/jira/browse/STORM-1853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15295889#comment-15295889
 ]


ASF GitHub Bot commented on STORM-1853:
---------------------------------------

Github user HeartSaVioR commented on the pull request:

    https://github.com/apache/storm/pull/1440#issuecomment-220883591
  
    +1
    
    I just compared ClassLoaderObjectInputStream and ObjectInputStream, and 
found ObjectInputStream uses latestUserDefinedLoader() which calls 
sun.misc.VM.latestUserDefinedLoader(). While I'm not expert on this, but it's 
not same as ClassLoader.getSystemClassLoader().
    
    If anyone is an expert or having knowledge on classloader please explain 
this to avoid same issue. Thanks in advance.


> Deserialization issues in Utils.javaDeserialize()
> -------------------------------------------------
>
>                 Key: STORM-1853
>                 URL: https://issues.apache.org/jira/browse/STORM-1853
>             Project: Apache Storm
>          Issue Type: Bug
>          Components: storm-core
>    Affects Versions: 1.0.0
>            Reporter: Abhishek Agarwal
>            Assignee: Abhishek Agarwal
>
> Utils.javaDeserialize uses a custom implementation of ObjectInputStream which 
> can be inconsistent with ObjectOutputStream class used in javaSerialize. 
> One resulting issue e.g
> http://mail-archives.apache.org/mod_mbox/storm-user/201605.mbox/%3CCAGOmOn0RJ33RZ0tj-%3DoKPkqNunkS4Q2Nx0ZSKHcNAMPLowuc3w%40mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (STORM-1853) Deserialization issues in Utils.javaDeserialize()

Reply via email to